[Discussion] Interesting project

Jason Lewis jlewis at packetnexus.com
Wed Oct 22 01:44:14 UTC 2008


I agree that some of these XML standards are bloated and probably
overkill.  My experience has been that all of these network devices use
their own format for data sharing and you end up having to write parsers
for each one.  The best solution is probably an open engine that would
allow someone to write input and output services. 

My only concern is yet another IDS (or whatever) that ignores the
benefit of a standard that anyone could use.  For example, CVE has made
vulnerability reporting easier to process.

jas

Andre Ludwig wrote:
> My limited experience with IDMEF led me to think of it as a 5000lb
> elephant attempting to tightrope walk across a large gorge on dental
> floss.
> (in case you were wondering I thought it was a large lumbering beast of
> an RFC that no one honestly cared about and felt it should be left for
> dead, which is apparently the case as there hasn't been much work done on
> it since 2005)
>
> Andre Ludwig
>
> Jason Lewis wrote:
> > Argonne adopted IDMEF for their communication.
> >
> > https://www.anl.gov/it/Cyber_Security/Federations_for_Cyber_Defense/index.html
> > _______________________________________________
> > Discussion mailing list
> > Discussion at openinfosecfoundation.org
> > http://lists.openinfosecfoundation.org/mailman/listinfo/discussion